Archive for the 'politics' Category

17
Jun
09

#IranElection

I was thinking about Twitter and Iran and identity yesterday while watching activity on Twitter. First, for the benefit of those living in a cave, Iran had an election, and it appears the results are at odds with public perception. Being effectively a Muslim orthodox theocracy, the population is not given a lot of opportunity to voice displeasure with the government. That being the case, Iranians have been flooding Twitter, Facebook, and YouTube with news, videos, protest information, police activity, etc. The Iranian government is doing their best to lock down access to these web services, but it is difficult. Twitter, especially, has a very open API and a number of ways to receive posts.

Question number 1: How do you sort out the good posts from the bad? Apparently Iranian security forces have created Twitter accounts and are posting false information. I have noticed an increase in the number of spammers using the #IranElection hash as well. In addition to that, requests have been made to all Twitter users to change their profile information to show they are in Tehran and their timezone is +3:30GMT. This is supposed to create additional noise so it is more difficult to determine who is actually in Iran.

Question number 2: Where is the SSL in the 3rd party apps? Twitter and Facebook offer the option for SSL login. I haven’t looked into the API, but I’m not sure if Twitter allows 3rd parties to connect via SSL. Even if they do, how often is the feature used? One of the ways people are filtering noise vs data in the Twitter feed is by looking at when the account was created. If Iran owns the backbone leaving the country, what’s to stop them from sniffing the traffic and hijacking known, trusted accounts? I have some concerns posting this, but, honestly, we don’t get a lot of traffic here. Also, if the Iranian security folks haven’t figured this out yet, then they have way bigger problems on their hands.

Question number 3: Why are major news sources publishing account names when quoting Twitter? I can understand wanting to document where the information came from, and perhaps even keeping records of all the details, but do you need to publish names?

Advertisements
01
May
08

White House Email Horrorshow

The White House started using Lotus Notes about 15 years ago for email. Since a ruling determined that electronic communication needed to be archived, there was an automated system in place to capture, sort, and store all the email to or from the White House and senior executive staff officials.

Early in the GW Bush administration they migrated to Exchange. Not a big deal. Lots of places use it. Even as much as I try to avoid Microsoft products when possible, it’s pretty tough to argue against using Exchange. The problem is, when they migrated email systems, they did not bring along the processes to archive the mail. What they did instead was have people manually go through all the email, sort it, and save it in .pst files. This is not good.

On top of that, the use of outside email was widespread. This is the executive branch of the US government. Office of the President. Commander-in-Chief. During wartime. Shouldn’t those systems be locked down more than anything else in the country? Do I want a computer sitting next to the big, red, blow up the world button to have Hotmail access? Should it be that easy for the people with the highest clearances to transmit documents to the entire world?

This issue will probably be revisited as it is so wrong on so many levels.

More details can be found here http://arstechnica.com/articles/culture/bush-lost-e-mails.ars